The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have released best practices for security leaders concerned with access management. The practices are designed to help security leaders to better protect their identity and access management (IAM) systems as part of the Enduring Security Framework (ESF).
IAM is a framework of business processes, policies and technologies that facilitate the management of digital identities and ensures that users only gain access to data when they have the appropriate credentials. The recommendations focus on some of the following practices: